<?php

require 'vars.php';
require 'functs.php';

Authenticate();

require 'config.mysql.php';

Page_startup($title,$version);
Page_headbar($_SESSION[user],Get_timesettings($_SESSION[user],$mysql_server,$mysql_user,$mysql_pass,$mysql_db));

$link = MySQL_go($mysql_server,$mysql_user,$mysql_pass);
MySQL_set_db($link,$mysql_db);

$userlevel = Get_userlevel($_SESSION[user]);

if (empty($_GET)) { ?>
	<a href="options.php?display">Display options</a><br>
	<a href="options.php?email">E-mail options</a><br>
	<a href="options.php?password">Password options</a><br>
	<?php if ($userlevel > 0) { ?><a href="options.php?admin">Admin options</a><br><br><?php }
}
elseif (isset($_GET[display])) {

	$user = mysql_real_escape_string($_SESSION[user]);

	$sendstring = "SELECT `history`,`histmin`,`refresh`,`timezone`,`showtime` FROM `featherchat_users` WHERE `name` = '".$user."'";
	$result = mysql_query($sendstring);
	$user_r = mysql_fetch_assoc($result);
	
	if ($user_r[showtime] == '1') {
		$showtime = 'checked';
	}

	?>
	<form method="post" action="options-save.php?display">
		Auto-refresh every: <input type="text" size="2" name="refresh" value="<?php echo $user_r[refresh]; ?>" /> seconds (0 = never)<br>
		Number of history items to show: <?php // maybe re-write this <options> bit later with a foreach? ?>
		<select name="history">
		<option<?php if ($user_r[history]==5) { echo " selected"; } ?>>5</option>
		<option<?php if ($user_r[history]==10) { echo " selected"; } ?>>10</option>
		<option <?php if ($user_r[history]==25) { echo " selected"; } ?>>25</option>
		<option<?php if ($user_r[history]==100) { echo " selected"; } ?>>100</option>
		<option value="101"<?php if ($user_r[history]==101) { echo " selected"; } ?>>Since my last post</option>
		</select>
		<br> Minimum to show: <input type="text" size="2" name="histmin" value="<?php echo $user_r[histmin]; ?>" />
		<br> Show time at top of page: <input type="checkbox" name="showtime" <?php echo $showtime; ?>/>
		<br> Your timezone: GMT+<input type="text" size="2" name="timezone" value="<?php echo $user_r[timezone]; ?>" /> (example: -3)
		<br><input type="submit" value="Go" />
	</form><br><?php
}
elseif (isset($_GET[email])) {

		$email_enablesql = "SELECT `email_enable` FROM `featherchat_settings`";
		$result = mysql_query($email_enablesql) or die ('Unable to get e-mail info.'.mysql_error());
		$email_enable = mysql_result($result,0);

	if ($email_enable) {

		$user = mysql_real_escape_string($_SESSION[user]);

		$sendstring = "SELECT `email`,`emailnot`,`emailtime` FROM `featherchat_users` WHERE `name` = '".$user."'";
		$result = mysql_query($sendstring);
		$user_r = mysql_fetch_assoc($result);

		?>
		<form method="post" action="options-save.php?email">
			E-mail notification: <input type="checkbox" name="emailnot"<?php if ($user_r[emailnot] == 1) { echo " checked"; } ?> /><br>
			E-mail address: <input type="text" size="30" name="email"<?php if (!empty($user_r[email])) { echo " value=\"".$user_r[email]."\""; } ?> /><br>
			Only for posts newer than <input type="text" size="2" name="emailtime"<?php if (isset($user_r[emailtime])) { echo " value=\"".$user_r[emailtime]."\""; } ?> /> minutes after I last visited.
		<br><input type="submit" value="Go" />
		</form><br><?php
	}
	else { echo "The admin has not enabled e-mail notification.<br/>"; }
}
elseif (isset($_GET[password])) { ?>
	<form method="post" action="options-save.php?password">
		<strong>Change your password:</strong><br>
		Old pass: <input type="password" size="20" name="oldpass" /><br>
		New pass: <input type="password" size="20" name="newpass1" /><br>
		New pass again: <input type="password" size="20" name="newpass2" /><br>
		<input type="submit" value="Go" />
	</form><br><?php
}
elseif (isset($_GET[admin])) {
	if ($userlevel > 0) {
		if (count($_GET)==1) {
			?>
			<a href="options.php?admin&adduser">Add user</a><br>
			<a href="options.php?admin&deluser">Delete user</a><br>
			<a href="options.php?admin&emailconfig">E-mail config</a><br>
			<a href="options.php?admin&system">System settings</a><br><br>
			<?php
		}
		elseif (isset($_GET[adduser])) {
			?>
			<form method="post" action="usermod.php?adduser">
				Username: <input type="text" name="name" /><br>
				E-mail address: <input type="text" size="30" name="email" /><br>
				E-mail address again: <input type="text" size="30" name="email2" /><br>
				Password*: <input type="password" size="30" name="password" /><br>
				Password again*: <input type="password" size="30" name="password2" /><br>
				<small>* If you leave these blank, a random password will be created and mailed to the user.</small>
				<br><input type="submit" value="Go" />
			</form><br><?php
		}
		elseif (isset($_GET[deluser])) { // delete user - delete their posts?
			if (!isset($_GET[confirm])) {
				$user_rsql = "SELECT `name` FROM `featherchat_users` WHERE `level` < '1' ORDER BY `name` ASC";
				$result = mysql_query($user_rsql);

				if (mysql_fetch_row($result)) {
					?>
					<form method="post" action="options.php?admin&deluser&confirm">
						<select name="user"><?php
						$result = mysql_query($user_rsql);
						while ($row = mysql_fetch_row($result)) { ?>
							<option><?php echo $row[0]; ?></option><?php
						} ?>
						</select><br>
						Delete user's posts <input type="checkbox" name="delposts" />
						<br><input type="submit" value="Go" />
					</form><br><?php
				} else { echo "No users to delete.<br>"; }
			}
			else {
				echo "Are you sure you want to delete ".$_POST[user];
				if ($_POST[delposts] == "on") {
					echo " and his/her ";

					$user = mysql_real_escape_string($_POST[user]);

					$postcountsql = "SELECT `message` FROM `featherchat_messages` WHERE `user` = '".$user."'";
					$result = mysql_query($postcountsql);
					if (!$postcount = @mysql_num_rows($result)) { echo 0; } else { echo $postcount; }
					echo " post".Singular_plural($postcount);
				}
				echo "?"; ?>
				<form method="post" action="usermod.php?deluser">
					<input type="hidden" name="user" value="<?php echo $_POST[user]; ?>" />
					<input type="hidden" name="delposts" value="<?php echo $_POST[delposts]; ?>" />
					<input type="submit" value="Yes" /> | <a href="index.php#bot">No</a>
				</form><br><?php
			}
		}
		elseif (isset($_GET[emailconfig])) {
			$pear = Check_for_PEAR_Mail();
			if ($pear == 1) {
				Email_config_form($_SERVER[PHP_SELF]."?admin&emailconfigsave",$mysql_server,$mysql_user,$mysql_pass,$mysql_db);
			}
			else {
				echo "FeatherChat was unable to detect a PEAR Mail installation.  If you would like to use e-mail notification, see <a href=\"http://pear.php.net/packages.php?catpid=14&catname=Mail\">here</a>.<br>";
			}
		}
		elseif (isset($_GET[emailconfigsave])) {

			$pear = Check_for_PEAR_Mail();
			if (($_POST[enable] == "on") && ($pear == "1")) { $enable = 1; } else { $enable = 0; }
			
			$email_user = mysql_real_escape_string($_POST[emailuser]);
			$email_pass = mysql_real_escape_string($_POST[emailpass]);
			$email_host = mysql_real_escape_string($_POST[emailhost]);
			$email_port = mysql_real_escape_string($_POST[emailport]);
			$featherchataddr = mysql_real_escape_string($_POST[featherchataddr]);
			$mailsql = "UPDATE `featherchat_settings` SET `email_enable` = '".$enable."',`email_user` = '".$email_user."', `email_pass` = '".$email_pass."', `email_host` = '".$email_host."', `email_port` = '".$email_port."', `featherchataddr` = '".$featherchataddr."'";
			mysql_query($mailsql) or die ("Unable to update mail data: ".mysql_error());

			echo "E-mail notification updated.<br>";
		}
		elseif (isset($_GET[system])) {
		
		$systemtimezonesql = "SELECT `timezone` FROM `featherchat_settings`";
		$result = mysql_query($systemtimezonesql) or die ("Unable to determine system's timezone setting.");
		$systemtimezone = mysql_result($result,0);  ?>
		
			<form method="post" action="options-save.php?system">
				System timezone: <input type="text" name="timezone" size="2" value="<?php echo $systemtimezone; ?>" />
				<input type="submit" value="Go" />
			</form><br><?php
		}
	}
	else { echo "You shouldn't be here..."; }
}
elseif (!empty($_GET)) {
	echo "Error: Unknown options page.<br>";
}
Home_link();
Page_shutdown();

MySQL_halt($link);

?>
